Hello,

I have a really strange problem and I am completly lost. I hope someone here could help me. Here is my problem.

I have a network : 192.168.7.0
I have a computer : 192.168.7.151
And I have a router (vanguard) : 192.168.7.254

I want to add a new router, and to replace the existing one. But as the existing one connect me througt VPN to another location, I need both.

Here is what I did :

Old router (vanguard) : 192.168.7.253
New routeur (watchguard) : 192.168.7.254
I added a route to 192.168.1.5 via 192.168.7.253 in the watchguard router to allow access to the other location.

The computer (192.168.7.151) as only one gateway : 192.168.7.254. But when I do :

tracert 192.168.7.254, I see that this computer go througt 192.168.7.253 first. And so on for every destination.
If I use route print, I don't see any reference to 192.168.7.253.

I suspect a kind of automatic uptade of the routing table but I can't find anything.

Please Help !!!!

Which of the routers is the one directly connected to the internet? I presume it's the old router?

Have you not put the new router in the middle of the PC and old router? I think doing that would give you those trace results as the new router will be the first hop.

Is it affecting your network, vpn or internet connectivity?

'When all else fails.......read the manual'

The network is connected like that :


LAN ---> Switch ----> Router VANGUARD ----> Remote Location
                ----> Router Watchguard ----> Internet (DSL)

Yes it's affecting the connectivity as everything try to go through the old router.

Thanks for you help

First, if .253 is your default route, and you have no other routes defined on your computer, all packets will go to .253 first, but it should send your system a "redirect" packet, telling it to use .254 for the VPN connections.  Every packet shouldn't be forced through .253, but even if it is, that isn't a real problem.  You can use Ethereal to test this.  Tracert is not a good way to check routing in this scenario, because ALL initial requests will go to your default route (.253).

You have a couple of options, but it is working currently "as designed" so I wouldn't worry too much about it.

You can define a static route to the 192.168.1.0 network in DHCP so that each host will point directly to 192.168.7.254 for the VPN.

Or you can define a static route on each host that points directly to 192.168.7.254 for the 192.168.1.0.

pansophic

Does the machine at 192.168.7.151 have a default gateway defined? If so, what is it? In DOS, can you clear your ARP cache (arp -d) then do the following:

1. Ping an offnet 192.168.1.5, 192.168.7.253 and 192.168.7.254
2. Run (in DOS) arp -a and paste the results here.

I suspect something like HSRP/GLBP or proxy ARPing is going on. Hopefully the ARP cache output and default gateway confirmation will help verify this.